Abstract: Multimedia information availability has increased
dramatically with the advent of video broadcasting on handheld
devices. But with this availability comes problems of maintaining the
security of information that is displayed in public. ISMA Encryption
and Authentication (ISMACryp) is one of the chosen technologies for
service protection in DVB-H (Digital Video Broadcasting-
Handheld), the TV system for portable handheld devices. The
ISMACryp is encoded with H.264/AVC (advanced video coding),
while leaving all structural data as it is. Two modes of ISMACryp are
available; the CTR mode (Counter type) and CBC mode (Cipher
Block Chaining) mode. Both modes of ISMACryp are based on 128-
bit AES algorithm. AES algorithms are more complex and require
larger time for execution which is not suitable for real time
application like live TV. The proposed system aims to gain a deep
understanding of video data security on multimedia technologies and
to provide security for real time video applications using selective
encryption for H.264/AVC. Five level of security proposed in this
paper based on the content of NAL unit in Baseline Constrain profile
of H.264/AVC. The selective encryption in different levels provides
encryption of intra-prediction mode, residue data, inter-prediction
mode or motion vectors only. Experimental results shown in this
paper described that fifth level which is ISMACryp provide higher
level of security with more encryption time and the one level provide
lower level of security by encrypting only motion vectors with lower
execution time without compromise on compression and quality of
visual content. This encryption scheme with compression process
with low cost, and keeps the file format unchanged with some direct
operations supported. Simulation was being carried out in Matlab.
Abstract: RFID (Radio Frequency IDentification) system has
been widely used in our life, such as transport systems, passports,
automotive, animal tracking, human implants, library, and so on.
However, the RFID authentication protocols between RF (Radio
Frequency) tags and the RF readers have been bring about various
privacy problems that anonymity of the tags, tracking, eavesdropping,
and so on. Many researchers have proposed the solution of the
problems. However, they still have the problem, such as location
privacy, mutual authentication. In this paper, we show the problems of
the previous protocols, and then we propose a more secure and
efficient RFID authentication protocol.
Abstract: Direct search methods are evolutionary algorithms used to solve optimization problems. (DS) methods do not require any information about the gradient of the objective function at hand while searching for an optimum solution. One of such methods is Pattern Search (PS) algorithm. This paper presents a new approach based on a constrained pattern search algorithm to solve a security constrained power system economic dispatch problem (SCED). Operation of power systems demands a high degree of security to keep the system satisfactorily operating when subjected to disturbances, while and at the same time it is required to pay attention to the economic aspects. Pattern recognition technique is used first to assess dynamic security. Linear classifiers that determine the stability of electric power system are presented and added to other system stability and operational constraints. The problem is formulated as a constrained optimization problem in a way that insures a secure-economic system operation. Pattern search method is then applied to solve the constrained optimization formulation. In particular, the method is tested using one system. Simulation results of the proposed approach are compared with those reported in literature. The outcome is very encouraging and proves that pattern search (PS) is very applicable for solving security constrained power system economic dispatch problem (SCED).
Abstract: Network Management Systems have played a great important role in information systems. Management is very important and essential in any fields. There are many managements such as configuration management, fault management, performance management, security management, accounting management and etc. Among them, configuration, fault and security management is more important than others. Because these are essential and useful in any fields. Configuration management is to monitor and maintain the whole system or LAN. Fault management is to detect and troubleshoot the system. Security management is to control the whole system. This paper intends to increase the network management functionalities including configuration management, fault management and security management. In configuration management system, this paper specially can support the USB ports and devices to detect and read devices configuration and solve to detect hardware port and software ports. In security management system, this paper can provide the security feature for the user account setting and user management and proxy server feature. And all of the history of the security such as user account and proxy server history are kept in the java standard serializable file. So the user can view the history of the security and proxy server anytime. If the user uses this system, the user can ping the clients from the network and the user can view the result of the message in fault management system. And this system also provides to check the network card and can show the NIC card setting. This system is used RMI (Remote Method Invocation) and JNI (Java Native Interface) technology. This paper is to implement the client/server network management system using Java 2 Standard Edition (J2SE). This system can provide more than 10 clients. And then this paper intends to show data or message structure of client/server and how to work using TCP/IP protocol.
Abstract: In this paper variation of spot price and total profits of
the generating companies- through wholesale electricity trading are
discussed with and without Central Generating Stations (CGS) share
and seasonal variations are also considered. It demonstrates how
proper analysis of generators- efficiencies and capabilities, types of
generators owned, fuel costs, transmission losses and settling price
variation using the solutions of Optimal Power Flow (OPF), can
allow companies to maximize overall revenue. It illustrates how
solutions of OPF can be used to maximize companies- revenue under
different scenarios. And is also extended to computation of Available
Transfer Capability (ATC) is very important to the transmission
system security and market forecasting. From these results it is
observed that how crucial it is for companies to plan their daily
operations and is certainly useful in an online environment of
deregulated power system. In this paper above tasks are demonstrated
on 124 bus real-life Indian utility power system of Andhra Pradesh
State Grid and results have been presented and analyzed.
Abstract: The online office is one of web application. We can
easily use the online office through a web browser with internet
connected PC. The online office has the advantage of using
environment regardless of location or time. When users want to use the
online office, they access the online office server and use their content.
However, recently developed and launched online office has the
weakness of insufficient consideration. In this paper, we analyze the
security vulnerabilities of the online office. In addition, we propose
the evaluation criteria to make secure online office using Common
Criteria. This evaluation criteria can be used to establish trust between
the online office server and the user. The online office market will be
more active than before.
Abstract: IEEE has recently incorporated CCMP protocol to provide robust security to IEEE 802.11 wireless LANs. It is found that CCMP has been designed with a weak nonce construction and transmission mechanism, which leads to the exposure of initial counter value. This weak construction of nonce renders the protocol vulnerable to attacks by intruders. This paper presents how the initial counter can be pre-computed by the intruder. This vulnerability of counter block value leads to pre-computation attack on the counter mode encryption of CCMP. The failure of the counter mode will result in the collapse of the whole security mechanism of 802.11 WLAN.
Abstract: Road transportation system is the most important
method of transporting the goods. Considering the most suitable
geographical situation of Iran to transport the goods between Europe
and Asia and placement of this country in direction of international
corridors (east- west) , (north-south) and Asian land transport to
infrastructure development “A.L.T.I.D" and Transport corridor
Europe - Caucasus - Asia “T.R.A.C.E.C.A", noticing the security of
road transportation system in this country is so important. In this
paper the main factors of accidents on the roads of Iran are
categorized regarding the rate of accidents occurred. Then apart from
studying the main reasons of accidents of every category, the main
factors of these events are studied and its strategies in Iran are
introduced.
Abstract: Every organization is continually subject to new damages and threats which can be resulted from their operations or their goal accomplishment. Methods of providing the security of space and applied tools have been widely changed with increasing application and development of information technology (IT). From this viewpoint, information security management systems were evolved to construct and prevent reiterating the experienced methods. In general, the correct response in information security management systems requires correct decision making, which in turn requires the comprehensive effort of managers and everyone involved in each plan or decision making. Obviously, all aspects of work or decision are not defined in all decision making conditions; therefore, the possible or certain risks should be considered when making decisions. This is the subject of risk management and it can influence the decisions. Investigation of different approaches in the field of risk management demonstrates their progress from quantitative to qualitative methods with a process approach.
Abstract: This paper is to investigate the impplementation of security
mechanism in object oriented database system. Formal methods
plays an essential role in computer security due to its powerful expressiveness
and concise syntax and semantics. In this paper, both issues
of specification and implementation in database security environment
will be considered; and the database security is achieved through
the development of an efficient implementation of the specification
without compromising its originality and expressiveness.
Abstract: Secure electronic payment system is presented in this
paper. This electronic payment system is to be secure for clients such
as customers and shop owners. The security architecture of the
system is designed by RC5 encryption / decryption algorithm. This
eliminates the fraud that occurs today with stolen credit card
numbers. The symmetric key cryptosystem RC5 can protect
conventional transaction data such as account numbers, amount and
other information. This process can be done electronically using RC5
encryption / decryption program written by Microsoft Visual Basic
6.0. There is no danger of any data sent within the system being
intercepted, and replaced. The alternative is to use the existing
network, and to encrypt all data transmissions. The system with
encryption is acceptably secure, but that the level of encryption has
to be stepped up, as computing power increases. Results In order to
be secure the system the communication between modules is
encrypted using symmetric key cryptosystem RC5. The system will
use simple user name, password, user ID, user type and cipher
authentication mechanism for identification, when the user first
enters the system. It is the most common method of authentication in
most computer system.
Abstract: One major issue that is regularly cited as a block to
the widespread use of online assessments in eLearning, is that of the
authentication of the student and the level of confidence that an
assessor can have that the assessment was actually completed by that
student. Currently, this issue is either ignored, in which case
confidence in the assessment and any ensuing qualification is
damaged, or else assessments are conducted at central, controlled
locations at specified times, losing the benefits of the distributed
nature of the learning programme. Particularly as we move towards
constructivist models of learning, with intentions towards achieving
heutagogic learning environments, the benefits of a properly
managed online assessment system are clear. Here we discuss some
of the approaches that could be adopted to address these issues,
looking at the use of existing security and biometric techniques,
combined with some novel behavioural elements. These approaches
offer the opportunity to validate the student on accessing an
assessment, on submission, and also during the actual production of
the assessment. These techniques are currently under development in
the DECADE project, and future work will evaluate and report their
use..
Abstract: This paper introduces a tool that is being developed for the expression of information security policy controls that govern electronic healthcare records. By reference to published findings, the paper introduces the theory behind the use of knowledge management for automatic and consistent security policy assertion using the formalism called the Secutype; the development of the tool and functionality is discussed; some examples of Secutypes generated by the tool are provided; proposed integration with existing medical record systems is described. The paper is concluded with a section on further work and critique of the work achieved to date.
Abstract: This paper applies fuzzy set theory to evaluate the
service quality of online auction. Service quality is a composition of
various criteria. Among them many intangible attributes are difficult
to measure. This characteristic introduces the obstacles for respondent
in replying to the survey. So as to overcome this problem, we
invite fuzzy set theory into the measurement of performance. By
using AHP in obtaining criteria and TOPSIS in ranking, we found
the most concerned dimension of service quality is Transaction
Safety Mechanism and the least is Charge Item. Regarding to the
most concerned attributes are information security, accuracy and
information.
Abstract: This research aims to examine the key success factors
for the diffusion of mobile entertainment services in Malaysia. The
drivers and barriers observed in this research include perceived
benefit; concerns pertaining to pricing, product and technological
standardization, privacy and security; as well as influences from
peers and community. An analysis of a Malaysian survey of 384
respondents between 18 to 25 years shows that subscribers placed
greater importance on perceived benefit of mobile entertainment
services compared to other factors. Results of the survey also show
that there are strong positive correlations between all the factors,
with pricing issue–perceived benefit showing the strongest
relationship. This paper aims to provide an extensive study on the
drivers and barriers that could be used to derive architecture for
entertainment service provision to serve as a guide for telcos to
outline suitable approaches in order to encourage mass market
adoption of mobile entertainment services in Malaysia.
Abstract: Elliptic curve-based certificateless signature is slowly
gaining attention due to its ability to retain the efficiency of
identity-based signature to eliminate the need of certificate
management while it does not suffer from inherent private
key escrow problem. Generally, cryptosystem based on elliptic
curve offers equivalent security strength at smaller key sizes
compared to conventional cryptosystem such as RSA which
results in faster computations and efficient use of computing
power, bandwidth, and storage. This paper proposes to implement
certificateless signature based on bilinear pairing to
structure the framework of IKE authentication. In this paper,
we perform a comparative analysis of certificateless signature
scheme with a well-known RSA scheme and also present the
experimental results in the context of signing and verification
execution times. By generalizing our observations, we discuss the
different trade-offs involved in implementing IKE authentication
by using certificateless signature.
Abstract: This article is devoted to the problems of the
disproportional development of regions in the Republic Kazakhstan.
The threats proceeding from problem regions, make strong impact on
the country-s sustainable development, therefore they are necessary
to be considered at the level of national security.
Abstract: Routing security is a major concerned in Wireless
Sensor Network since a large scale of unattended nodes is deployed
in ad hoc fashion with no possibility of a global addressing due to a
limitation of node-s memory and the node have to be self organizing
when the systems require a connection with the other nodes. It
becomes more challenging when the nodes have to act as the router
and tightly constrained on energy and computational capabilities
where any existing security mechanisms are not allowed to be fitted
directly. These reasons thus increasing vulnerabilities to the network
layer particularly and to the whole network, generally. In this paper,
a Dynamic Window Secured Implicit Geographic Forwarding
(DWSIGF) routing is presented where a dynamic time is used for
collection window to collect Clear to Send (CTS) control packet in
order to find an appropriate hoping node. The DWIGF is expected to
minimize a chance to select an attacker as the hoping node that
caused by a blackhole attack that happen because of the CTS rushing
attack, which promise a good network performance with high packet
delivery ratios.
Abstract: In the current study we present a system that is
capable to deliver proxy based differentiated service. It will help the
carrier service node to sell a prepaid service to clients and limit the
use to a particular mobile device or devices for a certain time. The
system includes software and hardware architecture for a mobile
device with moderate computational power, and a secure protocol for
communication between it and its carrier service node. On the
carrier service node a proxy runs on a centralized server to be
capable of implementing cryptographic algorithms, while the mobile
device contains a simple embedded processor capable of executing
simple algorithms. One prerequisite is needed for the system to run
efficiently that is a presence of Global Trusted Verification Authority
(GTVA) which is equivalent to certifying authority in IP networks.
This system appears to be of great interest for many commercial
transactions, business to business electronic and mobile commerce,
and military applications.
Abstract: The paper shows the necessity to increase the security
level for paper management in the cadastral field by using specific
graphical watermarks. Using the graphical watermarking will
increase the security in the cadastral content management;
furthermore any altered document will be validated afterwards of its
originality by checking the graphic watermark. If, by any reasons the
document is changed for counterfeiting, it is invalidated and found
that is an illegal copy due to the graphic check of the watermarking,
check made at pixel level